[2817] in WWW Security List Archive

Re: SSL and certificates

daemon@ATHENA.MIT.EDU (Gary Howland)
Tue Aug 27 11:10:17 1996

Date: Tue, 27 Aug 1996 15:09:17 +0200
From: Gary Howland <gary@systemics.com>
To: trevor_sterritt@mail.amsinc.com
CC: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu

trevor_sterritt@mail.amsinc.com wrote:
> 
>   I have done some research into the whole area of public key encryption,
>   SSL, SHTTP, and have a question for any experts that might be out there:
> 
>   Basically -  The way I understand it, RSA's public key encryption system
>   requires both parties to have a digital certificate. The public/private
>   key pair are used for authentication, and for the secure transfer of a
>   negotiated session (secret) key, determined using DES. The session key is
>   actually used for encryption.
> 
>   A lot of companies are now boasting products that use RSA's encryption
>   technology. To use these products, you don't necessarily need a digital
>   certificate. How can these products be considered secure if one party
>   does not have a digital certificate?
> 
>   These are the implications as I see them (let me know if I am way off
>   base here..)
> 
>   1. The session key is not transferred securely when one party does not
>   have a digital certificate. A bad guy could swipe the session key and
>   "decrypt" data being transferred between the legitimate parties.
> 
>   2. Both parties can not be authenticated.
> 
>   3. Uninformed users are being lulled into a false sense of security.


You only need two certificates if you want to authenticate both
parties.  If all you want to do is be sure that you are talking to, say,
IBM, and be sure that there is not a man in the middle intercepting and
passing on communications, then only one certificate is needed, that of
IBM.  Your browser will simply encrypt a session key for IBM, and
establish communications using this session key.  Since only IBM could
decrypt the message, you can be sure you are communicating with IBM and
that there is no man in the middle.  In this case, however, IBM cannot
be certain of your identity, but that is usually not a problem, or if it
is, this could be solved by the simple use of a login screen with
password etc.

Best regards,

Gary
--
pub  1024/C001D00D 1996/01/22  Gary Howland <gary@systemics.com>
Key fingerprint =  0C FB 60 61 4D 3B 24 7D  1C 89 1D BE 1F EE 09 06 
^S
^A^Aoft FAT filesytem is extremely robust, ^Mrarely suffering from^T^T
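
Added example, not part of the original message: a toy Python model of the one-certificate exchange described in the reply, where the client checks the server's certificate, wraps a fresh session secret to the certified key, and accepts only a peer that can unwrap it. Textbook RSA without padding, the Mersenne-prime keys, the "MALLORY" party and all function names are assumptions constructed for illustration; real SSL/TLS uses padded RSA or Diffie-Hellman and a full certificate format.

```python
import hashlib, hmac, secrets

E = 65537

def keypair(p, q):
    # Textbook RSA from two primes (toy sizes, no padding).
    n = p * q
    return {"n": n, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest(name, pub, mod):
    h = hashlib.sha256(f"{name}|{pub['n']}|{pub['e']}".encode()).digest()
    return int.from_bytes(h, "big") % mod

def issue_cert(ca, name, key):
    # A certificate here is just (name, public key) signed by the CA.
    pub = {"n": key["n"], "e": key["e"]}
    sig = pow(digest(name, pub, ca["n"]), ca["d"], ca["n"])
    return {"name": name, "pub": pub, "sig": sig}

def cert_ok(cert, ca, name):
    # Uses only the CA's public values (n, e), as a client would.
    want = digest(cert["name"], cert["pub"], ca["n"])
    return cert["name"] == name and pow(cert["sig"], ca["e"], ca["n"]) == want

def mac(secret, nonce):
    key = hashlib.sha256(secret.to_bytes(32, "big")).digest()
    return hmac.new(key, nonce, hashlib.sha256).digest()

def handshake(cert, responder, ca, name="IBM"):
    """True only if the peer shows a valid cert AND can unwrap the session key."""
    if not cert_ok(cert, ca, name):             # client: check the one certificate
        return False
    secret = secrets.randbits(128) | (1 << 127)  # client: fresh session secret
    wrapped = pow(secret, cert["pub"]["e"], cert["pub"]["n"])
    nonce = secrets.token_bytes(16)
    unwrapped = pow(wrapped, responder["d"], responder["n"])  # peer: private key
    proof = mac(unwrapped, nonce)               # peer: prove it recovered the key
    return hmac.compare_digest(proof, mac(secret, nonce))

# Constructed toy keys from well-known Mersenne primes; never use such keys.
CA = keypair(2**521 - 1, 2**607 - 1)
IBM = keypair(2**127 - 1, 2**107 - 1)
MALLORY = keypair(2**89 - 1, 2**61 - 1)         # hypothetical man in the middle

def demo():
    ibm_cert = issue_cert(CA, "IBM", IBM)
    forged = issue_cert(MALLORY, "IBM", MALLORY)  # not signed by the trusted CA
    return (handshake(ibm_cert, IBM, CA),         # genuine server
            handshake(ibm_cert, MALLORY, CA),     # relays IBM's cert, lacks key
            handshake(forged, MALLORY, CA))       # own key, untrusted signature
```

The client never presents a certificate in any of the three runs, which is why the server side learns nothing about who the client is.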